Security News > 2021 > May > All Wi-Fi devices impacted by new FragAttacks vulnerabilities
Newly discovered Wi-Fi security vulnerabilities collectively known as FragAttacks are impacting all Wi-Fi devices going back as far as 1997.
"The discovered vulnerabilities affect all modern security protocols of Wi-Fi, including the latest WPA3 specification. Even the original security protocol of Wi-Fi, called WEP, is affected."
Attackers abusing these design and implementation flaws have to be in the Wi-Fi range of targeted devices to steal sensitive user data and execute malicious code following successful exploitation, potentially leading to full device takeover.
The programming mistakes behind some of the FragAttacks vulnerabilities are trivial to exploit and would allow attackers to abuse unpatched Wi-Fi products with ease.
"There is no evidence of the vulnerabilities being used against Wi-Fi users maliciously, and these issues are mitigated through routine device updates that enable detection of suspect transmissions or improve adherence to recommended security implementation practices," the Wi-Fi Alliance said.
Additional mitigation advice available on the FragAttacks website suggests "Disabling fragmentation, disabling pairwise rekeys, and disabling dynamic fragmentation in Wi-Fi 6 devices."